by Paul Jacobson (@pauljacobson) One of the biggest ironies of the 2012 holiday season was Randi Zuckerberg’s family photo being tweeted by her sister’s Facebook friend, Callie Schweitzer, and the resulting privacy debate. If you missed it, Buzzfeed has a pretty detailed account of what happened which includes the photo that was tweeted and the initial exchange between Zuckerberg and Schweitzer on Twitter.
Zuckerberg regards this as a matter of “human decency” and much of the debate only has focused on Facebook’s privacy controls, questions about the correct etiquette to follow when posting content about other people online and the irony that Mark Zuckerberg’s sister fell prey to this apparent privacy slight. A far more interesting issue which this controversy highlights is privacy’s contextual nature. Zuckerberg published the photo to her Facebook Timeline and shared it with a limited group of people (either “Friends of Friends” or just to her Friends but with her sister tagged with the result that Schweitzer was able to see the photo as Zuckerberg’s sister’s friend). Schweitzer then shared the photo on Twitter which, as you know, has two privacy options: completely public or closed and private.
While Facebook has fairly nuanced privacy controls with a degree of complexity, Twitter allows users to either keep their profiles public (in which case anyone can see what you tweet, for the most part) or closed and only accessible to approved users. The privacy paradigms are very different and by tweeting the photo originally shared with a limited group of people on Facebook, Schweitzer basically crossed the streams and took Zuckerberg’s photo out of its original context where her expectation was that only the people she chose to share it with would see it and published it in a very public forum not limited to just those people Zuckerberg chose.
This is largely about Zuckerberg’s legitimate expectation of privacy which, in our law, is a fundamental consideration for determining whether a person’s right to privacy has been infringed. The seminal case on the right to privacy in South Africa is the Constitutional Court case of Bernstein and Others v Bester NO and Others. The Constitutional Court said that the right to privacy is informed largely by a legitimate expectation of privacy which, in turn, means that a person must establish that:
he or she has a subjective expectation of privacy and that the society has recognized that expectation as objectively reasonable.
The subjective component means that a person can’t have an expectation of privacy where that person has consented to have his or her privacy invaded. The objective component introduces a requirement for reasonableness when assessing an apparent privacy violation. There is a notion of a “continuum of privacy interests” which is a helpful application of this idea of a legitimate expectation of privacy. The Court in the Bernstein case said the following:
The truism that no right is to be considered absolute, implies that from the outset of interpretation each right is always already limited by every other right accruing to another citizen. In the context of privacy this would mean that it is only the inner sanctum of a person, such as his/her family life, sexual preference and home environment, which is shielded from erosion by conflicting rights of the community. This implies that community rights and the rights of fellow members place a corresponding obligation on a citizen, thereby shaping the abstract notion of individualism towards identifying a concrete member of civil society. Privacy is acknowledged in the truly personal realm, but as a person moves into communal relations and activities such as business and social interaction, the scope of personal space shrinks accordingly.
This is an explanation for why people in the public eye have a different legitimate expectation of privacy than people who are deeply private and secretive. A person’s legitimate expectation of privacy is determined by their level of publicity and the consents they have given to invasions of their privacy. This further complicates Zuckerberg’s position given that she was Facebook’s head marketing executive while she was there and, given her brother’s notoriety, she remains very much in the spotlight as an Internet celebrity of sorts.
Leaving aside Zuckerberg’s arguable status as a person in the public eye, taking her photo out of its original context and sharing it in a different and very public forum likely exceeded her legitimate expectation of privacy. Her expectation was that only the people she chose to share the photo with on Facebook would see it, not everyone on Twitter and, subsequently, everyone who saw the photo in the many news reports on the controversy.
As many commentators have mentioned, this story is, to a degree, an indictment of Facebook’s convoluted privacy controls. In some respects Facebook’s privacy controls are complex because they are an attempt to cater for very granular sharing choices (for example, share only with Facebook friends but allow a friend tagged in a photo to share with her friends, thereby extending the share – likely what occurred here). They are certainly more intelligible today than they have been in the past but the options available to the person doing the sharing contrasted with the controls available to the person given access to that content creates opportunties for sharing that often exceed the user’s original intention.
Context is an underappreciated and vital aspect of privacy. It is implicit in the legitimate expectation of privacy and it is becoming a particularly tricky factor in an interconnected social Web. To paraphrase Shrek:
There is a lot more to privacy than you think. Privacy is like onions. Onions have layers.
Paul Jacobson is founder and director of Web•Tech•Law. Web•Tech•Law / CC BY-SA 2.5
– Industry news you’ll make time for. Sign up for our free newsletter!